{"id":4415,"date":"2026-04-08T14:47:52","date_gmt":"2026-04-08T06:47:52","guid":{"rendered":"https:\/\/aws-oncloudai.com\/?p=4415"},"modified":"2026-04-08T14:47:52","modified_gmt":"2026-04-08T06:47:52","slug":"aws-vpc","status":"publish","type":"post","link":"https:\/\/aws-oncloudai.com\/zh_hk\/aws-vpc\/","title":{"rendered":"AWS VPC \u7db2\u8def\u67b6\u69cb\u5b8c\u5168\u6307\u5357\uff1a\u5b50\u7db2\u8def\u5206\u5272\u3001\u5b89\u5168\u6027\u7fa4\u7d44\u8207\u8def\u7531\u8868\u8a2d\u5b9a\u5be6\u6230"},"content":{"rendered":"

\"\"<\/p>\n

\u4e00\u5bb6\u51fa\u6d77SaaS \u4f01\u696d\u5728\u9077\u79fb\u4e0aAWS \u4e09\u500b\u6708\u5f8c\uff0c\u906d\u9047\u4e86\u56b4\u91cd\u7684\u5b89\u5168\u4e8b\u6545\uff1a\u7531\u65bcRDS \u8cc7\u6599\u5eab\u5be6\u4f8b\u88ab\u932f\u8aa4\u653e\u7f6e\u5728\u516c\u6709\u5b50\u7db2\uff0c\u4e14\u5b89\u5168\u7fa4\u7d44\u898f\u5247\u904e\u65bc\u5bec\u9b06\uff0c\u5c0e\u81f4\u8cc7\u6599\u5eab\u9023\u63a5\u57e0\u66b4\u9732\u5728\u516c\u7db2\uff0c\u5f15\u767c\u4e86\u4e00\u6b21\u8cc7\u6599\u5916\u6d29\u98a8\u96aa\u544a\u8b66\u3002<\/p>\n

\u9019\u500b\u6848\u4f8b\u5728\u51fa\u6d77\u4f01\u696d\u4e0a\u96f2\u521d\u671f\u4e26\u4e0d\u7f55\u898b\u3002\u8a31\u591a\u5718\u968a\u6025\u65bc\u5b8c\u6210\u9077\u79fb\uff0c\u5c0dVPC \u7db2\u8def\u67b6\u69cb\u7684\u7406\u89e3\u505c\u7559\u5728\u300d\u80fd\u8dd1\u8d77\u4f86\u5c31\u884c\u300d\u7684\u968e\u6bb5\uff0c\u7d50\u679c\u70ba\u5f8c\u7e8c\u7684\u5b89\u5168\u548c\u7dad\u904b\u57cb\u4e0b\u96b1\u60a3\u3002<\/p>\n

VPC\uff08Virtual Private Cloud\uff09\u662fAWS \u4e0a\u6240\u6709\u8cc7\u6e90\u7684\u7db2\u8def\u57fa\u790e\u3002\u672c\u6587\u5f9e\u6838\u5fc3\u6982\u5ff5\u5230\u5be6\u6230\u914d\u7f6e\uff0c\u5e6b\u4f60\u628a\u9019\u500b\u57fa\u790e\u6253\u7262\u3002<\/p>\n

\n

\u4ec0\u9ebc\u662fAWS VPC\uff1f<\/h3>\n

VPC \u662f\u4f60\u5728AWS \u96f2\u7aef\u5c08\u5c6c\u7684\u865b\u64ec\u7db2\u8def\u74b0\u5883\u3002\u4f60\u53ef\u4ee5\u5b8c\u5168\u63a7\u5236\u9019\u500b\u7db2\u8def\u7684IP \u4f4d\u5740\u7bc4\u570d\u3001\u5b50\u7db2\u8def\u5283\u5206\u3001\u8def\u7531\u898f\u5247\u548c\u7db2\u8def\u5b89\u5168\u7b56\u7565\uff0c\u5c31\u50cf\u5728\u81ea\u5df1\u7684\u8cc7\u6599\u4e2d\u5fc3\u88e1\u7ba1\u7406\u7db2\u8def\u4e00\u6a23\uff0c\u4f46\u7121\u9700\u8cfc\u8cb7\u4efb\u4f55\u5be6\u9ad4\u786c\u9ad4\u3002<\/p>\n

\u6bcf\u500bAWS \u5e33\u6236\u5728\u6bcf\u500bRegion \u6703\u81ea\u52d5\u5efa\u7acb\u4e00\u500b\u9810\u8a2dVPC\uff0c\u65b9\u4fbf\u5feb\u901f\u555f\u52d5\u8cc7\u6e90\u3002\u4f46\u5c0d\u65bc\u751f\u7522\u74b0\u5883\uff0c\u5f37\u70c8\u5efa\u8b70\u5275\u5efa\u81ea\u8a02VPC\uff0c\u4ee5\u7372\u5f97\u66f4\u7cbe\u7d30\u7684\u63a7\u5236\u6b0a\u3002<\/p>\n

VPC \u7684\u6838\u5fc3\u7d44\u6210<\/strong><\/p>\n\n\n\n\n\n\n\n\n\n\n\n
\u7d44\u4ef6<\/th>\n\u4f5c\u7528<\/th>\n<\/tr>\n<\/thead>\n
CIDR \u5340\u584a<\/td>\n\u5b9a\u7fa9VPC \u7684IP \u4f4d\u5740\u7bc4\u570d\uff08\u598210.0.0.0\/16\uff09<\/td>\n<\/tr>\n
\u5b50\u7db2\u8def\uff08Subnet\uff09<\/td>\n\u5c07VPC \u5283\u5206\u70ba\u8f03\u5c0f\u7684\u7db2\u6bb5\uff0c\u5206\u4f48\u5728\u4e0d\u540c\u53ef\u7528\u5340<\/td>\n<\/tr>\n
\u8def\u7531\u8868\uff08Route Table\uff09<\/td>\n\u63a7\u5236\u5b50\u7db2\u8def\u5167\u6d41\u91cf\u7684\u8f49\u9001\u898f\u5247<\/td>\n<\/tr>\n
\u7db2\u969b\u7db2\u8def\u9598\u9053\uff08IGW\uff09<\/td>\n\u5141\u8a31\u516c\u6709\u5b50\u7db2\u8def\u8207\u7db2\u969b\u7db2\u8def\u901a\u4fe1<\/td>\n<\/tr>\n
NAT \u9598\u9053<\/td>\n\u5141\u8a31\u79c1\u6709\u5b50\u7db2\u8def\u5b58\u53d6\u4e92\u806f\u7db2\uff0c\u4f46\u963b\u6b62\u5916\u90e8\u4e3b\u52d5\u5b58\u53d6<\/td>\n<\/tr>\n
\u5b89\u5168\u7fa4\u7d44\uff08Security Group\uff09<\/td>\n\u5be6\u4f8b\u5c64\u7d1a\u7684\u865b\u64ec\u9632\u706b\u7246\uff0c\u63a7\u5236\u5165\u7ad9\/\u51fa\u7ad9\u6d41\u91cf<\/td>\n<\/tr>\n
\u7db2\u8defACL\uff08NACL\uff09<\/td>\n\u5b50\u7db2\u8def\u5c64\u7d1a\u7684\u9632\u706b\u7246\uff0c\u63d0\u4f9b\u984d\u5916\u7684\u5b58\u53d6\u63a7\u5236\u5c64<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n
\n

\u5b50\u7db2\u898f\u5283\uff1a\u516c\u6709\u5b50\u7db2\u8defvs \u79c1\u6709\u5b50\u7db2<\/h3>\n

\u5408\u7406\u7684\u5b50\u7db2\u8def\u5206\u5272\u662fVPC \u67b6\u69cb\u8a2d\u8a08\u7684\u7b2c\u4e00\u6b65\uff0c\u4e5f\u662f\u6700\u95dc\u9375\u7684\u4e00\u6b65\u3002<\/p>\n

\u516c\u6709\u5b50\u7db2\u8def\uff08Public Subnet\uff09<\/h4>\n

\u516c\u6709\u5b50\u7db2\u8def\u662f\u6307\u8def\u7531\u8868\u4e2d\u5305\u542b\u6307\u5411\u7db2\u969b\u7db2\u8def\u9598\u9053\uff08IGW\uff09\u8def\u7531\u7684\u5b50\u7db2\u8def\u3002\u653e\u7f6e\u5728\u516c\u6709\u5b50\u7db2\u8def\u4e2d\u7684\u8cc7\u6e90\u53ef\u4ee5\u64c1\u6709\u516c\u7db2IP\uff0c\u76f4\u63a5\u8207\u7db2\u969b\u7db2\u8def\u901a\u8a0a\u3002<\/p>\n

\u9069\u5408\u653e\u5165\u516c\u6709\u5b50\u7db2\u8def\u7684\u8cc7\u6e90\uff1a<\/strong><\/p>\n

    \n
  • \u61c9\u7528\u8ca0\u8f09\u5e73\u8861\u5668\uff08ALB\/ELB\uff09<\/li>\n
  • NAT \u9598\u9053<\/li>\n
  • \u5821\u58d8\u6a5f\uff08Bastion Host\uff09<\/li>\n
  • \u9700\u8981\u76f4\u63a5\u9762\u5411\u7db2\u969b\u7db2\u8def\u7684Web \u4f3a\u670d\u5668\uff08\u7279\u6b8a\u5834\u666f\uff09<\/li>\n<\/ul>\n

    \u79c1\u6709\u5b50\u7db2\u8def\uff08Private Subnet\uff09<\/h4>\n

    \u79c1\u6709\u5b50\u7db2\u8def\u7684\u8def\u7531\u8868\u4e0d\u5305\u542b\u76f4\u63a5\u901a\u5f80IGW \u7684\u8def\u7531\uff0c\u8cc7\u6e90\u7121\u6cd5\u5f9e\u7db2\u8def\u76f4\u63a5\u5b58\u53d6\u3002\u79c1\u6709\u5b50\u7db2\u8def\u4e2d\u7684\u8cc7\u6e90\u82e5\u9700\u5b58\u53d6\u7db2\u969b\u7db2\u8def\uff08\u5982\u4e0b\u8f09\u8edf\u9ad4\u5305\u3001\u547c\u53eb\u5916\u90e8API\uff09\uff0c\u9700\u900f\u904eNAT \u9598\u9053\u4e2d\u8f49\u3002<\/p>\n

    \u9069\u5408\u653e\u5165\u79c1\u6709\u5b50\u7db2\u8def\u7684\u8cc7\u6e90\uff1a<\/strong><\/p>\n

      \n
    • \u61c9\u7528\u7a0b\u5f0f\u4f3a\u670d\u5668\uff08EC2 \u5be6\u4f8b\uff09<\/li>\n
    • \u8cc7\u6599\u5eab\uff08RDS\u3001Aurora\u3001ElastiCache\uff09<\/li>\n
    • \u5167\u90e8API \u670d\u52d9<\/li>\n
    • \u6279\u6b21\u8655\u7406\u4efb\u52d9<\/li>\n<\/ul>\n

      \u6a19\u6e96\u4e09\u5c64\u67b6\u69cb\u793a\u610f<\/strong><\/p>\n

      \n
      \n
      \u7db2\u969b\u7db2\u8def\u2193 [\u516c\u6709\u5b50\u7db2\u8def] \u2014 \u8ca0\u8f09\u5e73\u8861\u5668\uff08ALB\uff09 \u2193 [\u79c1\u6709\u5b50\u7db2\u8def] \u2014 \u61c9\u7528\u4f3a\u670d\u5668\uff08EC2\uff09 \u2193 [\u79c1\u6709\u5b50\u7db2\u8def] \u2014 \u8cc7\u6599\u5eab\uff08RDS\uff09\r\n<\/code><\/pre>\n<\/div>\n<\/div>\n
      \u9019\u7a2e\u5206\u5c64\u67b6\u69cb\u78ba\u4fdd\u8cc7\u6599\u5eab\u548c\u61c9\u7528\u7a0b\u5f0f\u4f3a\u670d\u5668\u6c38\u9060\u4e0d\u6703\u76f4\u63a5\u66b4\u9732\u5728\u516c\u7db2\uff0c\u5927\u5e45\u964d\u4f4e\u653b\u64ca\u9762\u3002<\/p>\n
      \u591a\u53ef\u7528\u5340\uff08Multi-AZ\uff09\u898f\u5283<\/h4>\n
      \u751f\u7522\u74b0\u5883\u5fc5\u9808\u5728\u81f3\u5c11\u5169\u500b\u53ef\u7528\u5340\uff08Availability Zone\uff09\u90e8\u7f72\u5b50\u7db2\u8def\u3002 AWS \u7684\u53ef\u7528\u5340\u662f\u7368\u7acb\u7684\u5be6\u9ad4\u8cc7\u6599\u4e2d\u5fc3\uff0c\u8de8AZ \u90e8\u7f72\u53ef\u5728\u55ae\u4e00AZ \u6545\u969c\u6642\u4fdd\u8b49\u670d\u52d9\u9023\u7e8c\u6027\u3002<\/p>\n
      \u63a8\u85a6\u7684\u5b50\u7db2\u898f\u5283\uff08\u4ee5ap-northeast-1 \u6771\u4eacRegion \u70ba\u4f8b\uff09\uff1a<\/p>\n\n\n\n\n\n\n\n\n\n\n
      \u5b50\u7db2\u8def\u540d\u7a31<\/th>\nCIDR<\/th>\n\u53ef\u7528\u5340<\/th>\n\u985e\u578b<\/th>\n<\/tr>\n<\/thead>\n
      public-subnet-1a<\/td>\n10.0.1.0\/24<\/td>\nap-northeast-1a<\/td>\n\u516c\u6709<\/td>\n<\/tr>\n
      public-subnet-1c<\/td>\n10.0.2.0\/24<\/td>\nap-northeast-1c<\/td>\n\u516c\u6709<\/td>\n<\/tr>\n
      private-app-1a<\/td>\n10.0.11.0\/24<\/td>\nap-northeast-1a<\/td>\n\u79c1\u4eba<\/td>\n<\/tr>\n
      private-app-1c<\/td>\n10.0.12.0\/24<\/td>\nap-northeast-1c<\/td>\n\u79c1\u4eba<\/td>\n<\/tr>\n
      private-db-1a<\/td>\n10.0.21.0\/24<\/td>\nap-northeast-1a<\/td>\n\u79c1\u4eba<\/td>\n<\/tr>\n
      private-db-1c<\/td>\n10.0.22.0\/24<\/td>\nap-northeast-1c<\/td>\n\u79c1\u4eba<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n
      \n
      \u8def\u7531\u8868\u914d\u7f6e<\/h3>\n
      \u6bcf\u500b\u5b50\u7db2\u8def\u5fc5\u9808\u95dc\u806f\u4e00\u5f35\u8def\u7531\u8868\u3002\u8def\u7531\u8868\u6c7a\u5b9a\u4e86\u8a72\u5b50\u7db2\u8def\u5167\u7684\u6d41\u91cf\u5982\u4f55\u8f49\u9001\u3002<\/p>\n
      \u516c\u6709\u5b50\u7db2\u8def\u7531\u8868<\/h4>\n
      \u516c\u6709\u5b50\u7db2\u8def\u8def\u7531\u8868\u9700\u8981\u5305\u542b\u5169\u689d\u6838\u5fc3\u8def\u7531\uff1a<\/p>\n
      \u7b2c\u4e00\u689d\u662f\u672c\u5730\u8def\u7531\uff0c\u76ee\u6a19\u70baVPC \u7684CIDR \u5340\u584a\uff08\u598210.0.0.0\/16\uff09\uff0c\u76ee\u6a19\u70balocal\uff0c\u9019\u689d\u8def\u7531\u7531AWS \u81ea\u52d5\u6dfb\u52a0\uff0c\u5141\u8a31VPC \u5167\u90e8\u8cc7\u6e90\u4e92\u76f8\u901a\u8a0a\u3002<\/p>\n
      \u7b2c\u4e8c\u689d\u662f\u7db2\u969b\u7db2\u8def\u8def\u7531\uff0c\u76ee\u6a19\u70ba0.0.0.0\/0\uff08\u6240\u6709\u6d41\u91cf\uff09\uff0c\u76ee\u6a19\u6307\u5411\u7db2\u969b\u7db2\u8def\u9598\u9053\uff08igw-xxxxxxxx\uff09\uff0c\u9019\u689d\u8def\u7531\u4f7f\u516c\u6709\u5b50\u7db2\u8def\u4e2d\u7684\u8cc7\u6e90\u53ef\u4ee5\u5b58\u53d6\u548c\u88ab\u5b58\u53d6\u7db2\u969b\u7db2\u8def\u3002<\/p>\n
      \u79c1\u6709\u5b50\u7db2\u8def\u7531\u8868<\/h4>\n
      \u79c1\u6709\u5b50\u7db2\u8def\u8def\u7531\u8868\u540c\u6a23\u6709\u672c\u5730\u8def\u7531\uff08\u81ea\u52d5\u5efa\u7acb\uff09\uff0c\u4f46\u4e0d\u5305\u542b\u76f4\u63a5\u7684IGW \u8def\u7531\u3002\u82e5\u79c1\u6709\u5b50\u7db2\u8def\u4e2d\u7684\u8cc7\u6e90\u9700\u8981\u5b58\u53d6\u4e92\u806f\u7db2\uff0c\u5247\u9700\u589e\u52a0\u4e00\u689d0.0.0.0\/0 \u6307\u5411NAT \u9598\u9053\u7684\u8def\u7531\u3002<\/p>\n
      \u91cd\u8981\u63d0\u793a<\/strong>\uff1aNAT \u9598\u9053\u672c\u8eab\u5fc5\u9808\u90e8\u7f72\u5728\u516c\u6709\u5b50\u7db2\u8def\u4e2d\uff0c\u4e26\u64c1\u6709\u5f48\u6027IP\uff08EIP\uff09\u3002\u6bcf\u500b\u53ef\u7528\u5340\u61c9\u90e8\u7f72\u7368\u7acb\u7684NAT \u7db2\u95dc\uff0c\u907f\u514d\u55ae\u9ede\u6545\u969c\u3002<\/p>\n
      \n
      \u5b89\u5168\u7fa4\u7d44\u914d\u7f6e\u6700\u4f73\u5be6\u8e10<\/h3>\n
      \u5b89\u5168\u7fa4\u7d44\u662fAWS \u4e2d\u6700\u5e38\u7528\u7684\u7db2\u8def\u5b89\u5168\u63a7\u88fd\u624b\u6bb5\uff0c\u5b83\u5de5\u4f5c\u5728\u5be6\u4f8b\u7d1a\u5225\uff0c\u5c6c\u65bc\u6709\u72c0\u614b\u9632\u706b\u7246\uff08\u5141\u8a31\u7684\u5165\u7ad9\u6d41\u91cf\uff0c\u56de\u7a0b\u6d41\u91cf\u81ea\u52d5\u653e\u884c\uff09\u3002<\/p>\n
      \u6700\u5c0f\u6b0a\u9650\u539f\u5247<\/h4>\n
      \u5b89\u5168\u7fa4\u7d44\u914d\u7f6e\u7684\u6838\u5fc3\u539f\u5247\u662f\uff1a\u53ea\u958b\u653e\u5fc5\u8981\u7684\u7aef\u53e3\uff0c\u53ea\u5141\u8a31\u5fc5\u8981\u7684\u4f86\u6e90\u3002<\/p>\n
      \u53cd\u4f8b\uff08\u5371\u96aa\u914d\u7f6e\uff09\uff1a<\/strong><\/p>\n\n\n\n\n\n\n\n
      \u985e\u578b<\/th>\n\u5354\u5b9a<\/th>\n\u9023\u63a5\u57e0<\/th>\n\u4f86\u6e90<\/th>\n<\/tr>\n<\/thead>\n
      \u5165\u7ad9<\/td>\nTCP<\/td>\n22 (SSH)<\/td>\n0.0.0.0\/0<\/td>\n<\/tr>\n
      \u5165\u7ad9<\/td>\nTCP<\/td>\n3306 (MySQL)<\/td>\n0.0.0.0\/0<\/td>\n<\/tr>\n
      \u5165\u7ad9<\/td>\nAll Traffic<\/td>\nAll<\/td>\n0.0.0.0\/0<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n
      \u4e0a\u8ff0\u914d\u7f6e\u5c07SSH \u548c\u8cc7\u6599\u5eab\u9023\u63a5\u57e0\u66b4\u9732\u7d66\u5168\u7403\u6240\u6709IP\uff0c\u6975\u5ea6\u5371\u96aa\u3002<\/p>\n
      \u6b63\u4f8b\uff08\u5efa\u8b70\u914d\u7f6e\uff09\uff1a<\/strong><\/p>\n
      \u61c9\u7528\u7a0b\u5f0f\u4f3a\u670d\u5668\u5b89\u5168\u7fa4\u7d44\uff1a<\/p>\n\n\n\n\n\n\n\n
      \u985e\u578b<\/th>\n\u5354\u5b9a<\/th>\n\u9023\u63a5\u57e0<\/th>\n\u4f86\u6e90<\/th>\n<\/tr>\n<\/thead>\n
      \u5165\u7ad9<\/td>\nTCP<\/td>\n80\/443<\/td>\nALB \u5b89\u5168\u6027\u7fa4\u7d44ID<\/td>\n<\/tr>\n
      \u5165\u7ad9<\/td>\nTCP<\/td>\n22<\/td>\n\u5821\u58d8\u6a5f\u5b89\u5168\u7fa4\u7d44ID<\/td>\n<\/tr>\n
      \u51fa\u7ad9<\/td>\nAll<\/td>\nAll<\/td>\n0.0.0.0\/0<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n
      \u8cc7\u6599\u5eab\u5b89\u5168\u7fa4\u7d44\uff1a<\/p>\n\n\n\n\n\n\n
      \u985e\u578b<\/th>\n\u5354\u5b9a<\/th>\n\u9023\u63a5\u57e0<\/th>\n\u4f86\u6e90<\/th>\n<\/tr>\n<\/thead>\n
      \u5165\u7ad9<\/td>\nTCP<\/td>\n3306<\/td>\n\u61c9\u7528\u7a0b\u5f0f\u4f3a\u670d\u5668\u5b89\u5168\u6027\u7fa4\u7d44ID<\/td>\n<\/tr>\n
      \u51fa\u7ad9<\/td>\nAll<\/td>\nAll<\/td>\n0.0.0.0\/0<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n
      \u900f\u904e\u5b89\u5168\u7fa4\u7d44ID \u76f8\u4e92\u5f15\u7528\uff0c\u800c\u4e0d\u662f\u4f7f\u7528IP \u4f4d\u5740\uff0c\u53ef\u4ee5\u78ba\u4fdd\u5373\u4f7fEC2 \u5be6\u4f8bIP \u767c\u751f\u8b8a\u5316\uff0c\u5b89\u5168\u898f\u5247\u4ecd\u7136\u6709\u6548\u3002<\/p>\n
      \u5b89\u5168\u7fa4\u7d44vs \u7db2\u8defACL<\/h4>\n\n\n\n\n\n\n\n\n\n
      \u7279\u6027<\/th>\n\u5b89\u5168\u7fa4\u7d44<\/th>\n\u7db2\u8defACL<\/th>\n<\/tr>\n<\/thead>\n
      \u4f5c\u7528\u7bc4\u570d<\/td>\n\u5be6\u4f8b\u5c64\u7d1a<\/td>\n\u5b50\u7db2\u8def\u7d1a\u5225<\/td>\n<\/tr>\n
      \u72c0\u614b\u985e\u578b<\/td>\n\u6709\u72c0\u614b<\/td>\n\u7121\u72c0\u614b<\/td>\n<\/tr>\n
      \u898f\u5247\u985e\u578b<\/td>\n\u50c5\u5141\u8a31\u898f\u5247<\/td>\n\u5141\u8a31+ \u62d2\u7d55\u898f\u5247<\/td>\n<\/tr>\n
      \u898f\u5247\u9806\u5e8f<\/td>\n\u7121\u5e8f\uff08\u53d6\u4e26\u96c6\uff09<\/td>\n\u6709\u5e8f\uff08\u6309\u7de8\u865f\u5339\u914d\uff09<\/td>\n<\/tr>\n
      \u9069\u7528\u5834\u666f<\/td>\n\u65e5\u5e38\u5b58\u53d6\u63a7\u5236<\/td>\n\u984d\u5916\u5b89\u5168\u5c64\/\u7dca\u6025\u5c01\u9396<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n
      \u5c0d\u65bc\u5927\u591a\u6578\u5834\u666f\uff0c\u5b89\u5168\u7fa4\u7d44\u5df2\u8db3\u5920\u3002\u7db2\u8defACL \u4e3b\u8981\u7528\u65bc\u9700\u8981\u660e\u78ba\u62d2\u7d55\u7279\u5b9aIP \u6bb5\uff08\u5982\u5c01\u9396\u5df2\u77e5\u60e1\u610fIP\uff09\u6216\u589e\u52a0\u984d\u5916\u5408\u898f\u5be9\u8a08\u5c64\u7684\u5834\u666f\u3002<\/p>\n
      \n
      VPC \u5c0d\u7b49\u9023\u7dda\u8207Transit Gateway<\/h3>\n
      \u7576\u4f01\u696d\u696d\u52d9\u898f\u6a21\u64f4\u5927\uff0c\u9700\u8981\u5728\u591a\u500bVPC \u4e4b\u9593\u6253\u901a\u7db2\u8def\u6642\uff08\u4f8b\u5982\u958b\u767c\u3001\u6e2c\u8a66\u3001\u751f\u7522\u74b0\u5883\u5206\u5c6c\u4e0d\u540cVPC\uff09\uff0c\u6709\u5169\u7a2e\u4e3b\u8981\u65b9\u6848\uff1a<\/p>\n
      VPC \u5c0d\u7b49\u9023\u7d50\uff08VPC Peering\uff09<\/h4>\n
      \u5169\u500bVPC \u4e4b\u9593\u5efa\u7acb\u4e00\u5c0d\u4e00\u7684\u79c1\u6709\u7db2\u8def\u9023\u63a5\uff0c\u6d41\u91cf\u4e0d\u7d93\u904e\u4e92\u806f\u7db2\uff0c\u5ef6\u9072\u4f4e\u3001\u6210\u672c\u4f4e\u3002<\/p>\n
      \u9069\u5408\u5834\u666f\uff1aVPC \u6578\u91cf\u8f03\u5c11\uff083\u500b\u4ee5\u5167\uff09\uff0c\u9700\u8981\u7c21\u55ae\u7684\u9ede\u5c0d\u9ede\u9023\u7dda\u3002<\/p>\n
      \u9650\u5236\uff1aVPC Peering \u4e0d\u652f\u63f4\u50b3\u905e\u6027\u8def\u7531\uff0c\u5373AB \u5c0d\u7b49\u3001BC \u5c0d\u7b49\uff0c\u4e26\u4e0d\u4ee3\u8868A \u80fd\u5b58\u53d6C\u3002<\/p>\n
      Transit Gateway<\/h4>\n
      Transit Gateway \u662fAWS \u63d0\u4f9b\u7684\u7db2\u8def\u6a1e\u7d10\u670d\u52d9\uff0c\u53ef\u5c07\u591a\u500bVPC \u548c\u672c\u5730\u7db2\u8def\u9023\u63a5\u5230\u540c\u4e00\u500b\u4e2d\u5fc3\u7bc0\u9ede\uff0c\u4ee5\u5be6\u73fe\u5168\u4e92\u806f\u6216\u53d7\u63a7\u4e92\u806f\u3002<\/p>\n
      \u9069\u5408\u5834\u666f\uff1aVPC \u6578\u91cf\u8f03\u591a\uff084\u500b\u4ee5\u4e0a\uff09\u3001\u6709\u6df7\u5408\u96f2\uff08\u672c\u5730\u8cc7\u6599\u4e2d\u5fc3+\u96f2\u7aef\uff09\u9700\u6c42\u3001\u9700\u8981\u96c6\u4e2d\u7ba1\u7406\u8def\u7531\u7b56\u7565\u7684\u4f01\u696d\u3002<\/p>\n
      \n
      \u5e38\u898bVPC \u914d\u7f6e\u932f\u8aa4\u8207\u907f\u5751\u6307\u5357<\/h3>\n
      \u6839\u64da\u6211\u5011\u670d\u52d9\u51fa\u6d77\u4f01\u696d\u4e0a\u96f2\u7684\u7d93\u9a57\uff0c\u4ee5\u4e0b\u662f\u6700\u5e38\u898b\u7684VPC \u914d\u7f6e\u932f\u8aa4\uff1a<\/p>\n
      \u932f\u8aa4\u4e00\uff1a\u8cc7\u6599\u5eab\u653e\u5728\u516c\u6709\u5b50\u7db2<\/strong><\/p>\n
      \u5f88\u591a\u521d\u5b78\u8005\u70ba\u4e86\u65b9\u4fbf\u9023\u63a5\uff0c\u628aRDS \u653e\u5728\u516c\u6709\u5b50\u7db2\u4e26\u958b\u653e\u516c\u7db2\u5b58\u53d6\u3002\u6b63\u78ba\u505a\u6cd5\u662f\u5c07RDS \u59cb\u7d42\u653e\u5728\u79c1\u6709\u5b50\u7db2\uff0c\u900f\u904e\u5821\u58d8\u6a5f\u6216AWS Systems Manager Session Manager \u9032\u884c\u7dad\u904b\u5b58\u53d6\u3002<\/p>\n
      \u932f\u8aa4\u4e8c\uff1a\u751f\u7522\u74b0\u5883\u4f7f\u7528\u9810\u8a2dVPC<\/strong><\/p>\n
      \u9810\u8a2dVPC \u7684\u5b89\u5168\u7fa4\u7d44\u548c\u8def\u7531\u914d\u7f6e\u904e\u65bc\u5bec\u9b06\uff0c\u4e14\u6240\u6709\u5b50\u7db2\u8def\u90fd\u662f\u516c\u6709\u5b50\u7db2\u8def\u3002\u751f\u7522\u74b0\u5883\u5fc5\u9808\u4f7f\u7528\u81ea\u8a02VPC\u3002<\/p>\n
      \u932f\u8aa4\u4e09\uff1aNAT \u7db2\u95dc\u53ea\u90e8\u7f72\u4e00\u500b<\/strong><\/p>\n
      \u5982\u679c\u53ea\u5728\u4e00\u500b\u53ef\u7528\u5340\u90e8\u7f72NAT \u7db2\u95dc\uff0c\u7576\u8a72AZ \u767c\u751f\u6545\u969c\u6642\uff0c\u6240\u6709\u79c1\u6709\u5b50\u7db2\u8def\u7684\u51fa\u7ad9\u6d41\u91cf\u90fd\u6703\u4e2d\u65b7\u3002\u9ad8\u53ef\u7528\u67b6\u69cb\u8981\u6c42\u6bcf\u500b\u4f7f\u7528\u7684\u53ef\u7528\u5340\u90fd\u6709\u7368\u7acb\u7684NAT \u9598\u9053\u3002<\/p>\n
      \u932f\u8aa4\u56db\uff1a\u5ffd\u7565VPC \u6d41\u65e5\u8a8c<\/strong><\/p>\n
      VPC \u6d41\u65e5\u8a8c\uff08VPC Flow Logs\uff09\u8a18\u9304\u6240\u6709\u9032\u51faVPC \u7684\u7db2\u8def\u6d41\u91cf\u8a0a\u606f\uff0c\u662f\u5b89\u5168\u5be9\u8a08\u548c\u6545\u969c\u6392\u67e5\u7684\u91cd\u8981\u5de5\u5177\u3002\u5efa\u8b70\u5f9e\u642d\u5efaVPC \u6642\u958b\u555f\u4e32\u6d41\u65e5\u8a8c\uff0c\u8f38\u51fa\u5230CloudWatch Logs \u6216S3\u3002<\/p>\n
      \n
      \u7e3d\u7d50\uff1aVPC \u67b6\u69cb\u8a2d\u8a08\u6838\u5fc3\u539f\u5247<\/h3>\n
      \u4e00\u500b\u5065\u58ef\u7684AWS VPC \u67b6\u69cb\u61c9\u9075\u5faa\u4ee5\u4e0b\u539f\u5247\uff1a<\/p>\n